Join Club

Why the Cloud Isn’t the Answer to All Your Technology Needs

Alex ChamandyThe following post is written and sponsored by Alexander G. Chamandy of Envescent, LLC, the IT services provider to ARLnow.com.

In the last few years there has been an increasing hype regarding cloud-based offerings. From outsourcing the office file or mail server to powering entire complex web sites, collaboration and outsourcing of voice over IP as well as CRM.  The cloud is also touted as a solution for off-site backup services. The term cloud has come to mean just about anything not on your local network. The broadening definition combined with the reduction of reliability, security and accountability is a troubling trend, though.

What is a cloud?

Let’s start with the basics. Just what is a cloud? The cloud actually used to be a graphical component of classic network diagrams to show areas of a network that were either very complex or untrusted (such as data traveling over the Internet vs. a local trusted network). More recently the definition has expanded (and changed substantially). A cloud is in essence a cluster of servers whereby the user is given limited access to accomplish a specific function or task. A cloud can be something as simple as a single server off-site or something as complex as a data center full of servers hosting a product like Facebook.

The problem is the term cloud doesn’t really mean anything specific because it has come to encompass so many products and services. As a result of this dilution the definition of what exactly a cloud is cannot be otherwise described, except perhaps as intangible computing technology.

What isn’t a cloud?cloud

That’s a great question. Dedicated servers where the administrators have granular control are not considered part of the cloud. In addition we consider our local network infrastructure (switches, routers, workstations, servers and other equipment on the premises) to not be part of a cloud. These localized components are not part of the ethereal infrastructure that is considered ‘cloud computing,’ as they have key distinguishing features that allow them to be more closely governed. A subject we’ll talk about in more detail later in this article.

In a nutshell the cloud is not anything you can see, touch or gain low level access to (local network components or part of a dedicated hosting system).

What are the advantages of the cloud?

The biggest advantage is cost. One can certainly get more and pay less using cloud services. Part of this is the theory regarding economies of scale. Most cloud providers buy large amounts of computing power, divvy it up among their clients and keep the difference as a profit margin. The cloud may also be beneficial for content distribution. Let’s say you have a company whose web site is hosted on the East coast, but they have customers in Europe, West coast USA, etc. Having a content distribution network closer to your customer could improve their web experience. The cloud can also be useful for redundancy. Extra DNS, e-mail and other services can be run as backups through cloud-based solutions to improve reliability. The cloud, when used responsibly, can be beneficial.

What are the disadvantages of the cloud?

The saying you get what you pay for rings true here. Let’s say, as an example, you’re using a cloud server to run a website selling widgets for ABC company. One day ABC company’s cloud server gets hacked, the website defaced and the original content destroyed. Because the majority (if not all) of cloud providers have minimal if any accountability or audit trail, it may prove impossible to review logs and determine where the hack came from, what may have been stolen or if the security issue was a fault of the provider or the server administrator. There is, in essence, a lack of transparency.

This is compounded by a lack of security because when one is running their services in a shared hosting environment (which the cloud is, hence the lower prices) there is absolutely no guarantee of security in terms of your data being hidden from prying eyes, being manipulated or even erased. Indeed, ABC company’s widget website could have been compromised by an insecurity in the virtualization software, rather than a fault of the server admin. But ABC company will never know because their cloud host didn’t keep such records (a common practice to reduce storage costs and computing overhead).

t-cloudBut the disadvantages unfortunately do not stop there. Another large problem for cloud-based services is reliability. Not only have there been numerous reports of crippling outages, but there have also been widely publicized reports about data getting lost and the providers either not willing or able to find it. These issues have occurred within major cloud providers and have proved to undermine trust of those effected.

Finally, another significant disadvantage is bottlenecks. There’s a reason we have local area networks, and that is for efficiency, security and speed transferring data back and fourth. Once we move a local office to using the cloud to share files back and fourth all of a sudden what used to be a local, quick operation turns in to a journey. The data that once traveled within the confines of the same office now has to go out to the (untrusted) Internet, potentially exposing the contents of whatever is being shared, and then get routed to your cloud provider, back through the Internet to your office. This problem produces a number of potential bandwidth bottlenecks that can hinder performance and also expose sensitive data.

Is there any recourse when your cloud service is hacked or data is lost?

In general this is a total loss or compromise situation.  Most of the service level agreements stipulate limited liability when it comes to uptime (reliability), security and data continuity. This means that even though you are a paying customer, you may not have any guarantees about the service you have subscribed to. To analyze a hack a good forensic information security expert needs access to logs, direct access to the server and the ability to have granular control of the server’s functionality (i.e. single user boot, kernel debugging, hardware interface access, BIOS/firmware access, etc). Most of the time this functionality is not enabled for cloud servers. Thus limiting both proactive and responsive measures regarding information security.

Imagine if you are an attorney, accountant, doctor or another profession that needs to keep your client’s data private. How can your firm claim to do that while hosting the data in an environment where there is absolutely no guarantee of privacy, security or accessibility? What happens if one day your cloud service is down and you cannot access client records? Worse yet, what happens if it is hacked and all your accounting records are made available to extortionist hackers?

None of these are far fetched situations. In fact, they occur on a routine basis.

What are the alternatives?

It’s curious, really, that one day some genius marketing and sales folks conjured up the term “cloud” and all of a sudden IT had to drop everything and adapt to this new paradigm. The reality is that the alternatives are the solutions we’ve relied on for previous years — and worked well. Hosting a server (either locally or dedicated through a hosting company) where you have greater control serverof its security, backing up its contents, troubleshooting it should a problem arise, is a good bet for an established company that needs reliable access to their data.

A significant segment of users prefers to maintain local file servers, host their own dedicated servers or otherwise avoid the cloud, maintaining a higher degree of security, granular control of their servers and better reliability for themselves and their customers. They take steps to ensure that their configuration is redundant (backed up / fault tolerant), secure and stable. This approach gives them a guarantee of business continuity because they have control of their technology assets.

Conclusion

I believe that the term “cloud” has become too broad, and encompasses too many products and services. On top of that, I feel strongly that the cloud, as it exists now, is not secure, reliable or robust enough to be marketed as the best solution for all problems. After all, sometimes it rains!

I do believe cloud-based services have a place in the information technology professional’s repository, but they shouldn’t always be the first destination and sometimes they shouldn’t even be considered at all.  Especially when security or privacy are important.

About the author

Alexander G. Chamandy is a seasoned IT professional with 20 years of industry experience.  He has deep expertise dealing with cybersecurity, data recovery, networking, deploying and maintaining servers as well as open source software.  If your company or organization needs IT support or consulting, consider contacting Envescent, LLC.

The views and opinions expressed in the column are those of the author and do not necessarily reflect the views of ARLnow.com.

Recent Stories

In loving memory of Joseph Robert Kapacziewski, who passed away in 2023 at the age of 41.

In loving memory of James Stuart Edmonds, who passed away in 2023 at the age of 84.

A man was shot in front of a lounge on Columbia Pike early this morning, continuing a string of violent incidents.

Good Friday evening, Arlington. Today we published articles that were read a total of 17124 times… so far. 📈 Top stories The following are the most-read articles for today —…

YULA’s ultimate frisbee spring season is now open for registration. We offer programs for middle and high schoolers – open to all players, whether they are new or have previous experience.Middle SchoolIn the Middle School league, mixed-gender teams practice once during the week and have games on Sunday afternoons. Spring league is a fun, safe, and positive environment. The season begins mid-March and wraps up with a tournament in early June. There are several options for practice days, so we can often work around schedule conflicts with other sports & activities.High SchoolThe High School program is organized by school of attendance and teams are classified by gender. New players will learn the basics in a supportive, welcoming environment. Experienced players will continue to develop their skills, and enjoy competition with other high school programs. The season concludes with a state level championship tournament in late May.All players are guided by experienced coaches who emphasize sportsmanship and good spirit. Ultimate is a fun sport with great camaraderie!YULA does not want finances to limit anyone from participating. Our middle school program offers a “Pay What You Can” cost structure and our our high school program is offering a $50 discount to new players.Visit our website to register and learn more. Sign up with a friend, but don’t delay, the season starts in March!http://www.yula-ulti.org

Submit your own Announcement here.

The Arlington-Aachen High School exchange is returning this summer and currently accepting applicants.

The sister-city partnership started in 1993 by the Arlington Sister Cities Association, which seeks to promote Arlington’s international profile through a variety of exchanges in education, commerce, culture and the arts. The exchange, scheduled June 17th to July 4th, includes a two-week homestay in Aachen plus three days in Berlin. Knowledge of the German language is not required for the trip.

Former participants have this to say:

_”The Aachen exchange was an eye-opening experience where I was fully immersed in the life of a German student. I loved biking through the countryside to Belgium, having gelato and picnics in the town square, and hanging out with my German host student’s friends. My first time out of the country, the Aachen exchange taught me to keep an open mind, because you never know what could be a life changing experience.” – Kelly M._

Read More

Submit your own Announcement here.

Valentine Pop-Up at George Mason University

Valentine gifts for someone special or for yourself are here at George Mason University from noon -4pm on February 14, 2023. Satisfy your sweet tooth with Kingsbury Chocolates, find a handmade bag from Karina Gaull, pick up treats from Village

Standup Comedy Showcase Starring Matt Ruby (Comedy Central)

Dead Horse Comedy Productions brings together top comedians from the DMV and beyond for a live standup comedy show!

Matt Ruby, Headliner

Matt Ruby is a comedian, writer, and filmmaker from New York City. His comedy has been filmed by

×

Subscribe to our mailing list